New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
guix: Use DOS newlines for SHA256SUMS files #29147
base: master
Are you sure you want to change the base?
Conversation
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process. |
Not sure. Wasn't the goal the exact opposite, so that it is easier to |
You can still do that with the content in the file. Furthermore, this change does not require us to produce an attached SHA256SUMS.asc, it only enables us to do so if desired. |
OpenPGP specifies that plain text should use CR LF for newlines. By doing so, it becomes possible to include the hashes directly in the .asc file.
767a086
to
78afc76
Compare
It seems @DrahtBot stops short of making the full SHA256SUMS file? |
It would be good to list at least one benefit, otherwise the benefits of this change are unclear. |
Having a single file to download for the signatures is simpler for end users. |
It seems this isn't enough - OpenPGP explicitly identifies the data as either binary or text: https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.1 So I guess the only way to support a combined file would be to use |
Apparently stripping the final newline would fix this, but a new issue arose: if the signature is detached, it will only verify a pre-canonicalized (DOS-encoded and final newline stripped) file. Some So IF we're okay with the combined file ONLY being clearsign format (which can then be UNIX newlines again), I can fix this PR. Or someone could spend more time to figure out why The UX for downloading two verification files sucks IMO. I think we should just go for the clearsign option, even if it's exclusive. Thoughts? |
OpenPGP specifies that plain text should use CR LF for newlines. By doing so, it becomes possible to include the hashes directly in the .asc file.
(Currently untested, looking for Concept ACKs)